Implement logout redirection for reverse proxy auth setups#36085
Conversation
GiteaBot
added
the
lgtm/need 2
github-actions
Bot
added
modifies/go
docs-update-needed
eliroca
force-pushed
the
logout_redirect_main
branch
4 times, most recently
from
63a3a81 to
fa7ee5a
Compare
|
After Implements OIDC RP-Initiated Logout #36724, you can redirect to anywhere you want, and no need to play with the frontend JS anymore. |
|
So we close this? |
Why? |
I'll rebase and update the patch this week. |
Sorry, misread. |
eliroca
force-pushed
the
logout_redirect_main
branch
from
fa7ee5a to
29ae0fb
Compare
eliroca
changed the title
eliroca
force-pushed
the
logout_redirect_main
branch
from
29ae0fb to
6be3cad
Compare
|
Can this be included in the upcoming 1.26.0 release? |
GiteaBot
added
lgtm/need 1
GiteaBot
added
lgtm/done
|
I can't see what has changed since your last commit. It's all just one commit now. It's important for the review to see how feedback was addressed. We will squash on merge, so there's no reason to prematurely squash on the PR branch. |
There is a way to see what changed since last commit, but I get your point, I'll try to keep the force-pushing to a minimum. 
|
|
Interesting, I didn't know GitHub had that feature. But yes prefer not to force-push still 😉. |
No, it only shows the diff between last force push and previous force push, the more history commits are still lost. https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md 
|
What do you think about this case? For example: on an instance, reverse-proxy-auth is enabled, and a user login via other methods (e.g.: OAuth2 or password form), is it possible? |
I think if reverse-proxy-auth is enabled, no other authentication methods should be. |
OK, let's write this assumption into comments. |
GiteaBot
added
lgtm/need 1
GiteaBot
added
lgtm/done
wxiaoguang
changed the title
…36085) When authentication is handled externally by a reverse proxy SSO provider, users can be redirected to an external logout URL or relative path defined on the reverse proxy. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
silverwind
removed
the
docs-update-needed
…37171) Backport #36085 by @eliroca When authentication is handled externally by a reverse proxy SSO provider, users can be redirected to an external logout URL or relative path defined on the reverse proxy. Co-authored-by: Elisei Roca <eroca@suse.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* main: Add comment for the design of "user activity time" (go-gitea#37195) fix(api): handle missing base branch in PR commits API (go-gitea#37193) Refactor htmx and fetch-action related code (go-gitea#37186) Fix encoding for Matrix Webhooks (go-gitea#37190) Always show owner/repo name in compare page dropdowns (go-gitea#37172) fix(api): handle fork-only commits in compare API (go-gitea#37185) Improve Contributing docs and set a release schedule (go-gitea#37109) Update Nix flake (go-gitea#37183) Remove outdated RunUser logic (go-gitea#37180) Refactor flash message and remove SanitizeHTML template func (go-gitea#37179) Indicate form field readonly via background (go-gitea#37175) Remove dead CSS rules (go-gitea#37173) Fix flaky `TestCatFileBatch/QueryTerminated` test (go-gitea#37159) Implement logout redirection for reverse proxy auth setups (go-gitea#36085) Add missing `//nolint:depguard` (go-gitea#37162)
6 participants
When authentication is handled externally by a reverse proxy SSO provider, users can be redirected to an external logout URL or relative path defined on the reverse proxy.